From c1bff94cd127ea570166ab128fa16af7e74a088c Mon Sep 17 00:00:00 2001 
From: Danny Bessems Date: Wed, 18 Jan 2023 15:09:32 +0100 Subject: [PATCH] Parallel build of bootstrap/upgrade ova;Split ansible tasks respectively --- .drone.yml | 4 +- .../{ => bootstrap}/playbook.yml | 0 .../metacluster/filter_plugins/netaddr.py | 0 .../roles/metacluster/tasks/assets.yml | 0 .../roles/metacluster/tasks/certauthority.yml | 0 .../roles/metacluster/tasks/git.yml | 0 .../roles/metacluster/tasks/gitops.yml | 0 .../roles/metacluster/tasks/ingress.yml | 0 .../roles/metacluster/tasks/init.yml | 0 .../roles/metacluster/tasks/k3s.yml | 0 .../roles/metacluster/tasks/main.yml | 0 .../roles/metacluster/tasks/registry.yml | 0 .../roles/metacluster/tasks/storage.yml | 0 .../workloadcluster/tasks/clusterapi.yml | 0 .../roles/workloadcluster/tasks/gitops.yml | 14 +- .../workloadcluster/tasks/hypervisor.yml | 0 .../roles/workloadcluster/tasks/main.yml | 0 .../workloadcluster/tasks/nodetemplates.yml | 0 .../roles/workloadcluster/tasks/registry.yml | 0 .../templates/applicationset.j2 | 0 .../{ => bootstrap}/templates/cluster.j2 | 0 .../{ => bootstrap}/templates/clusterctl.j2 | 0 .../templates/compresstarballs.j2 | 0 .../{ => bootstrap}/templates/configmap.j2 | 0 .../{ => bootstrap}/templates/gitrepo.j2 | 0 .../{ => bootstrap}/templates/ingressroute.j2 | 0 .../templates/ingressroutetcp.j2 | 0 .../kustomization.cluster-template.j2 | 0 .../{ => bootstrap}/templates/registries.j2 | 0 .../{ => bootstrap}/templates/secret.j2 | 0 .../templates/serviceaccount.j2 | 0 .../{ => bootstrap}/templates/systemdunit.j2 | 0 .../{ => bootstrap}/templates/tty.j2 | 0 .../{ => common}/roles/cleanup/tasks/cron.yml | 0 .../{ => common}/roles/cleanup/tasks/main.yml | 0 .../roles/cleanup/tasks/service.yml | 0 .../{ => common}/roles/disks/tasks/main.yml | 0 .../{ => common}/roles/network/tasks/main.yml | 0 .../roles/network/templates/netplan.j2 | 0 .../roles/preflight/tasks/main.yml | 0 .../{ => common}/roles/tty/tasks/main.yml | 0 .../{ => common}/roles/users/tasks/main.yml | 0 .../{ => 
common}/roles/vapp/tasks/main.yml | 0 .../{ => common}/vars/defaults.yml | 0 .../ansible_payload/upgrade/playbook.yml | 26 +++ ansible/roles/firstboot/tasks/main.yml | 12 +- packer/build.pkr.hcl | 46 +++++ .../{k8sbootstrap.pkr.hcl => sources.pkr.hcl} | 45 +---- packer/variables.pkr.hcl | 1 - ... => Update-OvfConfiguration.bootstrap.yml} | 20 +- scripts/Update-OvfConfiguration.ps1 | 5 +- scripts/Update-OvfConfiguration.upgrade.yml | 175 ++++++++++++++++++ 52 files changed, 274 insertions(+), 74 deletions(-) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/playbook.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/metacluster/filter_plugins/netaddr.py (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/metacluster/tasks/assets.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/metacluster/tasks/certauthority.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/metacluster/tasks/git.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/metacluster/tasks/gitops.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/metacluster/tasks/ingress.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/metacluster/tasks/init.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/metacluster/tasks/k3s.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/metacluster/tasks/main.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/metacluster/tasks/registry.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/metacluster/tasks/storage.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/workloadcluster/tasks/clusterapi.yml (100%) rename 
ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/workloadcluster/tasks/gitops.yml (88%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/workloadcluster/tasks/hypervisor.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/workloadcluster/tasks/main.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/workloadcluster/tasks/nodetemplates.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/roles/workloadcluster/tasks/registry.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/applicationset.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/cluster.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/clusterctl.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/compresstarballs.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/configmap.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/gitrepo.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/ingressroute.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/ingressroutetcp.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/kustomization.cluster-template.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/registries.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/secret.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/serviceaccount.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/systemdunit.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => bootstrap}/templates/tty.j2 
(100%) rename ansible/roles/firstboot/files/ansible_payload/{ => common}/roles/cleanup/tasks/cron.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => common}/roles/cleanup/tasks/main.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => common}/roles/cleanup/tasks/service.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => common}/roles/disks/tasks/main.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => common}/roles/network/tasks/main.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => common}/roles/network/templates/netplan.j2 (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => common}/roles/preflight/tasks/main.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => common}/roles/tty/tasks/main.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => common}/roles/users/tasks/main.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => common}/roles/vapp/tasks/main.yml (100%) rename ansible/roles/firstboot/files/ansible_payload/{ => common}/vars/defaults.yml (100%) create mode 100644 ansible/roles/firstboot/files/ansible_payload/upgrade/playbook.yml create mode 100644 packer/build.pkr.hcl rename packer/{k8sbootstrap.pkr.hcl => sources.pkr.hcl} (55%) rename scripts/{Update-OvfConfiguration.yml => Update-OvfConfiguration.bootstrap.yml} (91%) create mode 100644 scripts/Update-OvfConfiguration.upgrade.yml diff --git a/.drone.yml b/.drone.yml index 4e367d2..bde7401 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,7 +1,7 @@ kind: pipeline type: kubernetes name: 'Packer Build' - + volumes: - name: output claim: @@ -39,7 +39,6 @@ steps: - | packer validate \ -var vm_name=$DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \ - -var vm_guestos=k8sbootstrap \ -var repo_username=$${REPO_USERNAME} \ -var repo_password=$${REPO_PASSWORD} \ -var vsphere_password=$${VSPHERE_PASSWORD} \ 
@@ -49,7 +48,6 @@ steps: packer build \ -on-error=cleanup -timestamp-ui \ -var vm_name=$DRONE_BUILD_NUMBER-${DRONE_COMMIT_SHA:0:10} \ - -var vm_guestos=k8sbootstrap \ -var repo_username=$${REPO_USERNAME} \ -var repo_password=$${REPO_PASSWORD} \ -var vsphere_password=$${VSPHERE_PASSWORD} \ diff --git a/ansible/roles/firstboot/files/ansible_payload/playbook.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/playbook.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/playbook.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/playbook.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/filter_plugins/netaddr.py b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/filter_plugins/netaddr.py similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/metacluster/filter_plugins/netaddr.py rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/filter_plugins/netaddr.py diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/assets.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/assets.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/assets.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/assets.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/certauthority.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/certauthority.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/certauthority.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/certauthority.yml 
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/git.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/git.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/git.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/git.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/gitops.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/gitops.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/gitops.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/gitops.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/ingress.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/ingress.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/ingress.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/ingress.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/init.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/init.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/init.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/init.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/k3s.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/k3s.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/k3s.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/k3s.yml 
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/main.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/main.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/main.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/main.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/registry.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/registry.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/storage.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/storage.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/storage.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/storage.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/clusterapi.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/clusterapi.yml 
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/gitops.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/gitops.yml similarity index 88% rename from ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/gitops.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/gitops.yml index 2b8bb98..320ddb9 100644 --- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/gitops.yml +++ b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/gitops.yml @@ -4,13 +4,6 @@ kubernetes.core.k8s: template: serviceaccount.j2 state: present - vars: - _template: - account: - name: argocd-sa - namespace: default - clusterrolebinding: - name: argocd-crb - name: Retrieve service account bearer token kubernetes.core.k8s_info: @@ -39,6 +32,13 @@ url: https://{{ vapp['workloadcluster.vip'] }}:6443 token: "{{ workloadcluster_bearertoken.resources | json_query('[].data.token') }}" + vars: + _template: + account: + name: argocd-sa + namespace: default + clusterrolebinding: + name: argocd-crb module_defaults: group/k8s: kubeconfig: "{{ capi_kubeconfig.path }}" diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/hypervisor.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/hypervisor.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/hypervisor.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/hypervisor.yml 
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/main.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/main.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/main.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/main.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/nodetemplates.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/nodetemplates.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/registry.yml b/ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/registry.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/registry.yml rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/workloadcluster/tasks/registry.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/applicationset.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/applicationset.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/applicationset.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/applicationset.j2 
diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/cluster.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/cluster.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/cluster.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/cluster.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/clusterctl.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/clusterctl.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/compresstarballs.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/compresstarballs.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/compresstarballs.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/compresstarballs.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/configmap.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/configmap.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/configmap.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/configmap.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/gitrepo.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/gitrepo.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/gitrepo.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/gitrepo.j2 
diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/ingressroute.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/ingressroute.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/ingressroute.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/ingressroute.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/ingressroutetcp.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/ingressroutetcp.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/ingressroutetcp.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/ingressroutetcp.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/kustomization.cluster-template.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/kustomization.cluster-template.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/kustomization.cluster-template.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/kustomization.cluster-template.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/registries.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/registries.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/registries.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/registries.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/secret.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/secret.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/secret.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/secret.j2 
diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/serviceaccount.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/serviceaccount.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/serviceaccount.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/serviceaccount.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/systemdunit.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/systemdunit.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/systemdunit.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/systemdunit.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/tty.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/tty.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/templates/tty.j2 rename to ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/tty.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/cleanup/tasks/cron.yml b/ansible/roles/firstboot/files/ansible_payload/common/roles/cleanup/tasks/cron.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/cleanup/tasks/cron.yml rename to ansible/roles/firstboot/files/ansible_payload/common/roles/cleanup/tasks/cron.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/cleanup/tasks/main.yml b/ansible/roles/firstboot/files/ansible_payload/common/roles/cleanup/tasks/main.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/cleanup/tasks/main.yml rename to ansible/roles/firstboot/files/ansible_payload/common/roles/cleanup/tasks/main.yml 
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/cleanup/tasks/service.yml b/ansible/roles/firstboot/files/ansible_payload/common/roles/cleanup/tasks/service.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/cleanup/tasks/service.yml rename to ansible/roles/firstboot/files/ansible_payload/common/roles/cleanup/tasks/service.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/disks/tasks/main.yml b/ansible/roles/firstboot/files/ansible_payload/common/roles/disks/tasks/main.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/disks/tasks/main.yml rename to ansible/roles/firstboot/files/ansible_payload/common/roles/disks/tasks/main.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/network/tasks/main.yml b/ansible/roles/firstboot/files/ansible_payload/common/roles/network/tasks/main.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/network/tasks/main.yml rename to ansible/roles/firstboot/files/ansible_payload/common/roles/network/tasks/main.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/network/templates/netplan.j2 b/ansible/roles/firstboot/files/ansible_payload/common/roles/network/templates/netplan.j2 similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/network/templates/netplan.j2 rename to ansible/roles/firstboot/files/ansible_payload/common/roles/network/templates/netplan.j2 diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/preflight/tasks/main.yml b/ansible/roles/firstboot/files/ansible_payload/common/roles/preflight/tasks/main.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/preflight/tasks/main.yml rename to ansible/roles/firstboot/files/ansible_payload/common/roles/preflight/tasks/main.yml 
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/tty/tasks/main.yml b/ansible/roles/firstboot/files/ansible_payload/common/roles/tty/tasks/main.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/tty/tasks/main.yml rename to ansible/roles/firstboot/files/ansible_payload/common/roles/tty/tasks/main.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/users/tasks/main.yml b/ansible/roles/firstboot/files/ansible_payload/common/roles/users/tasks/main.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/users/tasks/main.yml rename to ansible/roles/firstboot/files/ansible_payload/common/roles/users/tasks/main.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/vapp/tasks/main.yml b/ansible/roles/firstboot/files/ansible_payload/common/roles/vapp/tasks/main.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/roles/vapp/tasks/main.yml rename to ansible/roles/firstboot/files/ansible_payload/common/roles/vapp/tasks/main.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/vars/defaults.yml b/ansible/roles/firstboot/files/ansible_payload/common/vars/defaults.yml similarity index 100% rename from ansible/roles/firstboot/files/ansible_payload/vars/defaults.yml rename to ansible/roles/firstboot/files/ansible_payload/common/vars/defaults.yml diff --git a/ansible/roles/firstboot/files/ansible_payload/upgrade/playbook.yml b/ansible/roles/firstboot/files/ansible_payload/upgrade/playbook.yml new file mode 100644 index 0000000..2750a68 --- /dev/null +++ b/ansible/roles/firstboot/files/ansible_payload/upgrade/playbook.yml 
@@ -0,0 +1,26 @@
+---
+- hosts: 127.0.0.1
+ connection: local
+ gather_facts: true
+ vars_files:
+ - defaults.yml
+ - metacluster.yml
+ # become: true
+ roles:
+ - vapp
+ - network
+ - preflight
+ - users
+ - disks
+ # - metacluster
+ # - workloadcluster
+ - tty
+ - cleanup
+ handlers:
+ - name: Apply manifests
+ kubernetes.core.k8s:
+ src: "{{ item }}"
+ state: present
+ kubeconfig: "{{ kubeconfig.path }}"
+ loop: "{{ query('ansible.builtin.fileglob', '/var/lib/rancher/k3s/server/manifests/*.yaml') | sort }}"
+ ignore_errors: yes
diff --git a/ansible/roles/firstboot/tasks/main.yml b/ansible/roles/firstboot/tasks/main.yml
index 8af6a2c..40b55f4 100644
--- a/ansible/roles/firstboot/tasks/main.yml
+++ b/ansible/roles/firstboot/tasks/main.yml
@@ -17,9 +17,17 @@ special_time: reboot job: "/opt/firstboot/firstboot.sh >/dev/tty1 2>&1" -- name: Copy payload folder +- name: Copy payload folder (common) ansible.builtin.copy: - src: ansible_payload/ + src: ansible_payload/common/ + dest: /opt/firstboot/ansible/ + owner: root + group: root + mode: '0644' + +- name: Copy payload folder (per appliancetype) + ansible.builtin.copy: + src: ansible_payload/{{ appliancetype }} dest: /opt/firstboot/ansible/ owner: root group: root
diff --git a/packer/build.pkr.hcl b/packer/build.pkr.hcl
new file mode 100644
index 0000000..118307b
--- /dev/null
+++ b/packer/build.pkr.hcl
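Review bot: In `upgrade/playbook.yml` the `Apply manifests` handler ends with `ignore_errors: yes`, so a manifest that fails to apply during an upgrade is reported as ignored and the play carries on as if the appliance had reached the intended state. The handler also reads `kubeconfig.path`, and the roles that might register it (`metacluster`, `workloadcluster`) are commented out in this play, so the variable may be undefined here; with errors ignored, that would pass silently as well. I would drop `ignore_errors` from the handler, or narrow it with a `failed_when` condition, and add a comment above the commented-out roles saying what the upgrade play is still expected to gain. `vars_files` also lists `metacluster.yml`, which is not among the files this patch moves into `common/vars/`, so it is worth confirming where that file comes from.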
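Review bot: In `ansible/roles/firstboot/tasks/main.yml` the new per-appliancetype copy uses `src: ansible_payload/{{ appliancetype }}` without a trailing slash, unlike the common task's `ansible_payload/common/`. With `ansible.builtin.copy`, a directory source without the trailing slash is copied as a directory, so the payload would land in `/opt/firstboot/ansible/bootstrap/` (or `upgrade/`) instead of being merged next to the common roles. If a merge is what is intended, the line should read `src: ansible_payload/{{ appliancetype }}/`. No default for `appliancetype` is visible in this hunk, so a short comment that the Packer build supplies it through `--extra-vars` would help. The second task's remaining lines lie outside the hunk.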
@@ -0,0 +1,46 @@
+packer {
+ required_plugins {
+ }
+}
+
+build {
+ source "vsphere-iso.ubuntu" {
+ name = "bootstrap"
+ vm_name = "${var.vm_name}-bootstrap"
+ }
+
+ source "vsphere-iso.ubuntu" {
+ name = "upgrade"
+ vm_name = "${var.vm_name}-upgrade"
+ }
+
+ provisioner "ansible" {
+ pause_before = "2m30s"
+
+ playbook_file = "ansible/playbook.yml"
+ user = "ubuntu"
+ ansible_env_vars = [
+ "ANSIBLE_CONFIG=ansible/ansible.cfg"
+ ]
+ use_proxy = "false"
+ extra_arguments = [
+ "--extra-vars", "appliancetype=${source.name}",
+ "--extra-vars", "ansible_ssh_pass=${var.ssh_password}"//,
+ // "--extra-vars", "repo_username=${var.repo_username}",
+ // "--extra-vars", "repo_password=${var.repo_password}"
+ ]
+ }
+
+ post-processor "shell-local" {
+ inline = [
+ "pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\",
+ " -ApplianceType '${source.name} \\",
+ " -OVFFile '/scratch/airgapped-k8s/${var.vm_name}.ovf' \"",
+ "pwsh -file scripts/Update-Manifest.ps1 \\",
+ " -ManifestFileName '/scratch/airgapped-k8s/${var.vm_name}.mf'",
+ "ovftool --acceptAllEulas --allowExtraConfig --overwrite \\",
+ " '/scratch/airgapped-k8s/${var.vm_name}.ovf' \\",
+ " /output/airgapped-k8s.${source.name}.ova"
+ ]
+ }
+}
diff --git a/packer/k8sbootstrap.pkr.hcl b/packer/sources.pkr.hcl
similarity index 55%
rename from packer/k8sbootstrap.pkr.hcl
rename to packer/sources.pkr.hcl
index 17d3872..e17c26a 100644
--- a/packer/k8sbootstrap.pkr.hcl
+++ b/packer/sources.pkr.hcl
@@ -1,15 +1,9 @@ -packer { - required_plugins { - } -} - -source "vsphere-iso" "k8sbootstrap" { +source "vsphere-iso" "ubuntu" { vcenter_server = var.vcenter_server username = var.vsphere_username password = var.vsphere_password insecure_connection = "true" - vm_name = "${var.vm_guestos}-${var.vm_name}" datacenter = var.vsphere_datacenter cluster = var.vsphere_cluster host = var.vsphere_host
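Review bot: In `packer/build.pkr.hcl` the `-ApplianceType` argument of the `shell-local` post-processor is missing its closing single quote (`" -ApplianceType '${source.name} \\",`), which unbalances the quoting of the whole `pwsh -command` string; it should read `" -ApplianceType '${source.name}' \\",`. The two sources also override `vm_name` to `${var.vm_name}-bootstrap` and `${var.vm_name}-upgrade`, while the post-processor still points at `${var.vm_name}.ovf` and `${var.vm_name}.mf`; if the export names its files after the VM, those paths need a `-${source.name}` suffix. Separately, `ansible_ssh_pass=${var.ssh_password}` is passed on the ansible-playbook command line, where it can appear in the build host's process list; a vars file readable only by the build user would keep it out of argv.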
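Review bot: In `packer/sources.pkr.hcl` the shared `vsphere-iso.ubuntu` source keeps `insecure_connection = "true"`, so both parallel builds now hand `var.vsphere_username` and `var.vsphere_password` to vCenter without validating its TLS certificate. Since this source is now the single definition behind every appliance build, this is a good moment to trust the vCenter CA on the build runner and set `insecure_connection = "false"`, or at least to add a comment recording why verification is off. The source block continues past the end of this hunk.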
@@ -60,42 +54,7 @@ source "vsphere-iso" "k8sbootstrap" { export { images = false - output_directory = "/scratch/k8sbootstrap" + output_directory = "/scratch/airgapped-k8s" } remove_cdrom = true } - -build { - sources = [ - "source.vsphere-iso.k8sbootstrap" - ] - - provisioner "ansible" { - pause_before = "2m30s" - - playbook_file = "ansible/playbook.yml" - user = "ubuntu" - ansible_env_vars = [ - "ANSIBLE_CONFIG=ansible/ansible.cfg" - ] - use_proxy = "false" - extra_arguments = [ - "--extra-vars", "ansible_ssh_pass=${var.ssh_password}", - "--extra-vars", "repo_username=${var.repo_username}", - "--extra-vars", "repo_password=${var.repo_password}" - ] - } - - post-processor "shell-local" { - inline = [ - "pwsh -command \"& scripts/Update-OvfConfiguration.ps1 \\", - " -OVFFile '/scratch/k8sbootstrap/${var.vm_guestos}-${var.vm_name}.ovf' \\", - " -Parameter @{'appliance.name'='${var.vm_guestos}';'appliance.version'='${var.vm_name}'}\"", - "pwsh -file scripts/Update-Manifest.ps1 \\", - " -ManifestFileName '/scratch/k8sbootstrap/${var.vm_guestos}-${var.vm_name}.mf'", - "ovftool --acceptAllEulas --allowExtraConfig --overwrite \\", - " '/scratch/k8sbootstrap/${var.vm_guestos}-${var.vm_name}.ovf' \\", - " /output/Kubernetes.Bootstrap.Appliance.ova" - ] - } -} diff --git a/packer/variables.pkr.hcl b/packer/variables.pkr.hcl index 7248efe..c8d0af5 100644 --- a/packer/variables.pkr.hcl +++ b/packer/variables.pkr.hcl @@ -14,7 +14,6 @@ variable "vsphere_datastore" {} variable "vsphere_network" {} variable "vm_name" {} -variable "vm_guestos" {} variable "ssh_password" { sensitive = true } diff --git a/scripts/Update-OvfConfiguration.yml b/scripts/Update-OvfConfiguration.bootstrap.yml similarity index 91% rename from scripts/Update-OvfConfiguration.yml rename to scripts/Update-OvfConfiguration.bootstrap.yml index 3251302..331727f 100644 --- a/scripts/Update-OvfConfiguration.yml +++ b/scripts/Update-OvfConfiguration.bootstrap.yml 
@@ -35,7 +35,7 @@ PropertyCategories: Type: string(1..15) Label: Hostname* Description: '' - DefaultValue: 'META-NODE-{{ hostname.suffix }}' + DefaultValue: 'meta-{{ hostname.suffix }}' Configurations: '*' UserConfigurable: true @@ -102,7 +102,7 @@ PropertyCategories: Type: string(1..15) Label: Workload-cluster name* Description: '' - DefaultValue: 'WORKLOAD-{{ hostname.suffix }}' + DefaultValue: 'workload-{{ hostname.suffix }}' Configurations: '*' UserConfigurable: true @@ -168,22 +168,8 @@ PropertyCategories: Configurations: '*' UserConfigurable: true -AdvancedOptions: -- Key: appliance.name - Value: "{{ appliance.name }}" - Required: false -- Key: appliance.version - Value: "{{ appliance.version }}" - Required: false - --- Variables: - Name: hostname.suffix Expression: | - (-join ((48..57) + (97..122) | Get-Random -Count 5 | % {[char]$_})).ToUpper() -- Name: appliance.name - Expression: | - $Parameter['appliance.name'] -- Name: appliance.version - Expression: | - $Parameter['appliance.version'] + (-join ((48..57) + (97..122) | Get-Random -Count 5 | % {[char]$_})).ToLower() diff --git a/scripts/Update-OvfConfiguration.ps1 b/scripts/Update-OvfConfiguration.ps1 index abf03eb..22d923c 100644 --- a/scripts/Update-OvfConfiguration.ps1 +++ b/scripts/Update-OvfConfiguration.ps1 @@ -1,6 +1,9 @@ #Requires -Modules 'powershell-yaml' [CmdletBinding()] Param( + [Parameter(Mandatory)] + [ValidateSet('Bootstrap', 'Upgrade')] + [string]$ApplianceType, [Parameter(Mandatory)] [ValidateScript({ If (Test-Path($_)) { @@ -14,7 +17,7 @@ Param( ) $GetContentSplat = @{ - Path = "$($PSScriptRoot)\$($MyInvocation.MyCommand)".Replace('.ps1', ".yml") + Path = "$($PSScriptRoot)\$($MyInvocation.MyCommand)".Replace('.ps1', ".$($ApplianceType.ToLower()).yml") Raw = $True } $RawContent = Get-Content @GetContentSplat diff --git a/scripts/Update-OvfConfiguration.upgrade.yml b/scripts/Update-OvfConfiguration.upgrade.yml new file mode 100644 index 0000000..331727f --- /dev/null 
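Review bot: In the second Update-OvfConfiguration.ps1 hunk, the YAML path in `$GetContentSplat` is built with `.Replace('.ps1', ...)` on the full path, which rewrites every `.ps1` occurrence, including one in a directory name under `$PSScriptRoot`, not only the script's extension. Since `$ApplianceType` is already constrained by `ValidateSet`, the name can be built directly: `Path = Join-Path $PSScriptRoot "Update-OvfConfiguration.$($ApplianceType.ToLower()).yml"`. A `Test-Path` check before `Get-Content` would also give a clear error when a variant file is missing. The `Param` block and the script body continue outside these hunks.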
+++ b/scripts/Update-OvfConfiguration.upgrade.yml 
@@ -0,0 +1,175 @@
+DeploymentConfigurations:
+
+- Id: cp1w1
+ Label: 'Workload-cluster: 1 control-plane node/1 worker node'
+ Description: 1 control-plane node/1 worker node
+
+- Id: cp1w2
+ Label: 'Workload-cluster: 1 control-plane node/2 worker nodes'
+ Description: 1 control-plane node/2 worker nodes
+
+DynamicDisks:
+
+- Description: Longhorn persistent storage
+ UnitSize: GB
+ Constraints:
+ Minimum: 100
+ Maximum: ''
+ PropertyCategory: 1
+
+PropertyCategories:
+
+- Name: 0) Deployment information
+ ProductProperties:
+ - Key: deployment.type
+ Type: string
+ Value:
+ - cp1w1
+ - cp1w2
+ UserConfigurable: false
+
+- Name: 1) Meta-cluster
+ ProductProperties:
+
+ - Key: guestinfo.hostname
+ Type: string(1..15)
+ Label: Hostname*
+ Description: ''
+ DefaultValue: 'meta-{{ hostname.suffix }}'
+ Configurations: '*'
+ UserConfigurable: true
+
+ - Key: metacluster.password
+ Type: password(7..)
+ Label: Appliance password*
+ Description: 'Initial password for respective administrator accounts within each component'
+ DefaultValue: ''
+ Configurations: '*'
+ UserConfigurable: true
+
+ - Key: guestinfo.ipaddress
+ Type: ip
+ Label: IP Address*
+ Description: ''
+ DefaultValue: ''
+ Configurations: '*'
+ UserConfigurable: true
+
+ - Key: guestinfo.prefixlength
+ Type: int(8..32)
+ Label: Subnet prefix length*
+ Description: ''
+ DefaultValue: '24'
+ Configurations: '*'
+ UserConfigurable: true
+
+ - Key: metacluster.fqdn
+ Type: string(1..)
+ Label: Appliance FQDN*
+ Description: Respective subdomains will be available for each component (e.g. storage.example.org); this address should already be configured as a wildcard record within your DNS zone.
+ DefaultValue: meta.k8s.cluster
+ Configurations: '*'
+ UserConfigurable: true
+
+ - Key: guestinfo.dnsserver
+ Type: ip
+ Label: DNS server*
+ Description: ''
+ DefaultValue: ''
+ Configurations: '*'
+ UserConfigurable: true
+
+ - Key: guestinfo.gateway
+ Type: ip
+ Label: Gateway*
+ Description: ''
+ DefaultValue: ''
+ Configurations: '*'
+ UserConfigurable: true
+
+ - Key: guestinfo.ntpserver
+ Type: string(1..)
+ Label: Time server*
+ Description: A comma-separated list of timeservers
+ DefaultValue: 0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org
+ Configurations: '*'
+ UserConfigurable: true
+
+- Name: 2) Workload-cluster
+ ProductProperties:
+
+ - Key: workloadcluster.name
+ Type: string(1..15)
+ Label: Workload-cluster name*
+ Description: ''
+ DefaultValue: 'workload-{{ hostname.suffix }}'
+ Configurations: '*'
+ UserConfigurable: true
+
+ - Key: workloadcluster.vip
+ Type: ip
+ Label: Workload-cluster virtual IP*
+ Description: Workload-cluster control plane endpoint virtual IP
+ DefaultValue: ''
+ Configurations: '*'
+ UserConfigurable: true
+
+ - Key: ippool.startip
+ Type: ip
+ Label: Workload-cluster IP-pool start IP*
+ Description: All nodes for the workload-cluster will be provisioned within this IP pool
+ DefaultValue: ''
+ Configurations: '*'
+ UserConfigurable: true
+
+ - Key: ippool.endip
+ Type: ip
+ Label: Workload-cluster IP-pool end IP*
+ Description: All nodes for the workload-cluster will be provisioned within this IP pool
+ DefaultValue: ''
+ Configurations: '*'
+ UserConfigurable: true
+
+- Name: 3) Common
+ ProductProperties:
+
+ - Key: guestinfo.rootsshkey
+ Type: password(1..)
+ Label: SSH public key*
+ Description: Authentication for any node (meta-cluster *and* workloadcluster); this line should start with 'ssh-rsa AAAAB3N'
+ DefaultValue: ''
+ Configurations: '*'
+ UserConfigurable: true
+
+- Name: 4) Hypervisor
+ ProductProperties:
+
+ - Key: hv.fqdn
+ Type: string(1..)
+ Label: vCenter FQDN/IP-address*
+ Description: The address of the vCenter instance which this bootstrap appliance will interact with for provisioning new VM's.
+ DefaultValue: ''
+ Configurations: '*'
+ UserConfigurable: true
+
+ - Key: hv.username
+ Type: string(1..)
+ Label: vCenter username*
+ Description: The username which this bootstrap appliance will authenticate with to the vCenter instance.
+ DefaultValue: 'administrator@vsphere.local'
+ Configurations: '*'
+ UserConfigurable: true
+
+ - Key: hv.password
+ Type: password(1..)
+ Label: vCenter password*
+ Description: The password which this bootstrap appliance will authenticate with to the vCenter instance.
+ DefaultValue: ''
+ Configurations: '*'
+ UserConfigurable: true
+
+---
+Variables:
+- Name: hostname.suffix
+ Expression: |
+ (-join ((48..57) + (97..122) | Get-Random -Count 5 | % {[char]$_})).ToLower()
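Review bot: `metacluster.password` accepts any value of seven characters or more (`Type: password(7..)`), although its description says it becomes the initial password of the administrator accounts in each component. A higher floor such as `Type: password(12..)` would be a safer default for a credential that is reused that widely. `hv.username` also defaults to `'administrator@vsphere.local'`, which steers deployments toward the vCenter SSO administrator. An empty default, plus a description naming a dedicated account with only the provisioning privileges, would fit least privilege better. The `hv.*` descriptions still say "this bootstrap appliance" in the upgrade variant, and the file has the same blob id (`331727f`) as the bootstrap variant, so the two copies will need to be kept in step by hand.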